CISA gives US federal agencies three days to fix a VPN bug under attack by a ransomware gang

A ransomware group is actively exploiting an unpatched flaw in security tools used across the U.S. federal government, prompting the U.S. cybersecurity agency CISA to order all civilian agencies to remediate the vulnerability by end of day Wednesday. Cybersecurity firm Check Point Read More …

Palo Alto VPN bug graduates from advisory to active exploitation

Palo Alto customers are being been told to patch yet another internet-facing security flaw after researchers caught attackers bypassing GlobalProtect authentication and gaining unauthorized VPN access. The flaw, tracked as CVE-2026-0257, affects PAN-OS deployments using GlobalProtect authentication override cookies under specific Read More …

Cybercriminal VPN used by ransomware actors dismantled in global crackdown

A VPN service used by cybercriminals to conceal ransomware attacks, data theft, and other serious offences has been dismantled in an international operation led by France and the Netherlands, with support from Europol and Eurojust. For years, the service, known Read More …

Marquis confirms data breach, point finger of blame at SonicWall firewall

Marquis, a US fintech company building software for banks and credit unions, has confirmed suffering a ransomware attack and losing sensitive customer data, but shifted the blame onto its firewall provider, SonicWall. In mid-September 2025, SonicWall warned its firewall customers Read More …

In 2025, age checks started locking people out of the internet

If 2024 was the year lawmakers talked about online age verification, 2025 was the year they actually flipped the switch.​ In 2025, across parts of Europe and the US, age checks for certain websites (especially pornography) turned long‑running child‑protection debates Read More …

The EU prepares ground for wider data retention – and VPN providers are among the targets

EU governments are pushing to widen data retention obligations for apps that citizens use every day – and the best VPN apps are among those targeted. A new internal document dated November 27 (first published by Netzpolitik) provides important insights Read More …

Stay Secure: Why Cyber Hygiene Should Be Part of Your Personal Hygiene

When you hear the term “personal hygiene,” chances are you think of basic routines such as staying clean, wearing deodorant and brushing your teeth. In today’s tech-driven world, another aspect of personal hygiene deserves more attention: cyber hygiene. Cyber hygiene Read More …

WatchGuard warns users Firebox firewalls may have a critical issue

WatchGuard has fixed a critical-severity vulnerability affecting its Firebox firewalls and is urging users to apply the newly released patch without hesitation. In a security advisory, the company said it addressed an out-of-bounds write vulnerability in the WatchGuard Fireware OS Read More …

Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN

In late July 2025, Arctic Wolf observed an increase in ransomware activity targeting SonicWall firewall devices for initial access. In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall Read More …

Cisco Releases Security Advisory Affecting Cisco Identity Service Engine

Cisco has released software updates for its Identity Service Engine (ISE). The updates address a critical severity vulnerability in the ISE product. Cisco Identity Services Engine (ISE) is a context-aware policy service to control access and threats across wired, wireless, Read More …